Our lawyers made the below nice and legal (because that's their job). They did let us put together this summary though, which lets us boil down everything you're about to read in a nice, easy-to-understand context. Do your diligence on the below though (that's your job). If anything doesn't make sense or you'd like to put together custom terms, email us at firstname.lastname@example.org. For most companies we're happy to accommodate your security, compliance, and privacy requirements.
WE DO NOT AND WILL NOT SELL YOUR DATA
To be crystal clear - ProfitWell does not and will not ever sell your data to third parties. Further, your data is rarely accessed as part of the service - the only reasons we'd ever look at your data is if there's a QA or security issue, or if you give us permission for the purposes of our own and our affiliate's analysis, which can also support you with identifying problems/opportunities in your business.
How do we make money then? Well, we do this by showing you problems and opportunities in your business through the free metrics and then sell you tools to solve those problems automatically for you. We think that's just a better way of doing business, because selling you graphs (although they're beautiful and insightful) just doesn't feel right.
WHAT ABOUT GDPR AND EU AND UK DATA PROTECTION?
We have you all taken care of on the GDPR front. You can check out more information our GDPR practices on our GDPR, EU and UK specific page. We've also been fully certified under the US-EU and US-Swiss Privacy Shield, and we're keeping a close eye on how that data relationship develops. You can learn more about that below.
HOW'S PROFITWELL'S SECURITY?
When it comes to security we do a lot, from organisational measures such as CCTV and personnel trainings to more sophisticated technical measures such as penetration testing and network defenses. This is an area that's extremely important to our continued success. There's a full write up here on our security page and at Exhibit B of our DPA, but if you'd like our full security risk assessment, send us an email at email@example.com.
EFFECTIVE: APRIL 13, 2022
We may collect the following personal information from you:
- Contact Information, such as name, email address, mailing address, or phone number;
- Demographic information, such as age, education, gender, interests and zip code;
- Billing Information, such as credit card number and billing address;
- Unique Identifiers, such as username, account number or password;
- Geo location based on IP address;
- Information about your business, such as company name, company size, business type.
We may also collect, from you, personal information about your contacts such as name and email address where we can send receipts of your purchases. When you provide us with personal information about your contacts we will only use this information for the specific reason for which it is provided, unless we have your prior approval for any additional uses (via specific discussions with you, or via our Terms or this Policy). If you believe that one of your contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at the contact information below.
As is true of most websites, we gather certain metrics and statistical information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
USE AND LEGAL BASIS:
Your data will be used by Profitwell for the following purposes:
- for identification and authentication purposes
- to provide - and improve the functioning of - the Sites
- to analyze how our service is used and improve it
- to detect and prevent fraudulent or abusive use
- to provide and analyze our pages on Social Media
- to send you important updates about our service
- to send you marketing content, including newsletters
- to act according to our legal obligations
Your data is typically processed by us on the basis of our legitimate interests (specified in more detail further below), and on the basis of our contract with you under our Terms of Service. In some cases your data may be processed by us with your explicit consent, particularly where you opt-in to receiving our newsletter or other marketing.
The data we process is limited, proportionate and necessary for the purposes listed above. If you do not wish to provide such data, this may limit your use of the Service (you will be informed of this at the relevant stage).
1. With Third Parties:
We may share your information between ProfitWell affiliated companies and with our third-party business partners, for instance, for the purpose of enhancing products and services. If you do not want us to share your personal information with these companies, contact us at the contact information below.
2. With Service Providers:
We may share your information with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your personal information only as necessary to provide these services to us, to which these services may include:
- Payment processing
- Providing customer service
- Sending marketing communications
- Conducting research and analysis
- Providing cloud computing infrastructure
3. With Public Authorities or Law Enforcement:
In certain very limited situations, ProfitWell may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, when we believe there is a violation to our Terms of Service (see ProfitWell Terms of Service), protect your safety or the safety of others, investigate fraud, or respond to a government request. Other than as necessary and lawful within our business and group, we do not sell, rent or share personal information with third parties without your prior consent.
TRANSFERS OUTSIDE THE UK/EEA
Because of the international nature of our business, we transfer personal data to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.
If an exemption or derogation applies (e.g., where a transfer is necessary to establish, exercise or defend a legal claim) we may rely on that exemption or derogation, as appropriate. Where no exemption or derogation applies, and we transfer your personal data from the UK or EEA to recipients located outside those areas who are not in jurisdictions covered by a relevant adequacy decision, we do so on the basis of Standard Contractual Clauses. Please contact us using the contact details below if you wish to request a copy of our Standard Contractual Clauses.
Please note that when you transfer any personal data directly to ProfitWell (established outside the UK and EEA), we are not responsible for that transfer, however if it occurs under our Terms of Service, our DPA will apply. We will nevertheless process your personal data, from the point we receive that data, in accordance with the provisions of this Policy.
The security of your personal information is important to us. We follow generally accepted state-of-the-art standards to protect the personal information submitted to us, both during transmission and once it is received. 200 OK, LLC ensures that all source code, files and data remain private and confidential. Due to the sensitive nature of source code we take this very seriously and make it our primary concern for all customers. We restrict access to personal information to ProfitWell employees, contractors, affiliates and agents who need to know that information in order to operate, develop, or improve our services. Employees, agents and contractors are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
If you have any questions about the security of your personal information, you can contact us at the contact information below. We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.
Where we are the data controller, upon request ProfitWell will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account or by contacting us at the contact information below. We will respond to your request within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.
ProfitWell acknowledges that you have the right to access your personal information. ProfitWell typically has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data may be asked to direct their query to the relevant data controller (this is normally ProfitWell's Client who has provided us with the personal data). If requested to remove data we will respond within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.
You may sign-up to receive email or newsletter or other communications from us. If you would like to discontinue receiving this information, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you or by contacting us at the contact information below.
You may also email us at firstname.lastname@example.org to request that we remove your data from all of our systems.
EU-U.S. AND SWISS-U.S. PRIVACY SHIELD FRAMEWORKS
ProfitWell is certified in accordance with the 2017 EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Despite additional measures being overlayed onto that transfer mechanism, ProfitWell has as a matter of good practice maintained its adherence to the Privacy Shield Principles. ProfitWell is keeping an eye on the proposals in this area and will look to implement any new Privacy Shield arrangement agreed between EU and US bodies. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
ProfitWell is responsible for the processing of personal data it receives and subsequently transfers to a third party acting as an agent on its behalf. ProfitWell complies with the Privacy Shield Principles and any additional applicable transfer mechanisms for all onward transfers of personal data from the EU and Switzerland. In certain situations, ProfitWell may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
PRIVACY QUESTIONS / FEEDBACK